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DETAILED ACTION 
Claim Rejections - 35 USC §112 

The following is a quotation of the second paragraph of 35 U.S.C. 1 12: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 

Claims 10 and 33-43 are rejected under 35 U.S.C. 1 12, second paragraph, as 
being indefinite for failing to particularly point out and distinctly claim the subject matter 
which applicant regards as the invention. 

Claim 10 recites the limitation "said interception step" in line 14. There is 
insufficient antecedent basis for this limitation in the claim. 

Claim 33 recites the limitation "the operating system" in lines 5-6. There is 
insufficient antecedent basis for this limitation in the claim. 

Claim 33 recites the limitation "said receiving means" in lines 14-15. There is 
insufficient antecedent basis for this limitation in the claim. 

Claim 34 recites the limitation "the operating system" in line 6. There is 
insufficient antecedent basis for this limitation in the claim. 

Claim 34 recites the limitation "said receiving means" in line 15. There is 
insufficient antecedent basis for this limitation in the claim. 

Claim 35 recites the limitation "the operating system" in line 6. There is 
insufficient antecedent basis for this limitation in the claim. 

Claim 35 recites the limitation "said receiving means" in line 15. There is 
insufficient antecedent basis for this limitation in the claim. 
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Cla 



insufficient antecedent basis for this limitation in the claim. 



Cla 



insufficient antecedent basis for this limitation in the claim. 



Cla 



insufficient antecedent basis for this limitation in the claim. 



Cla 



insufficient antecedent basis for this limitation in the claim. 



Cla 



insufficient antecedent basis for this limitation in the claim. 



Cla 



Cla 



Cla 



Cla 



Cla 



Cla 



m 36 recites the limitation "said management table" in lines 20-21. There is 



m 37 recites the limitation "the operating system" in lines 4-5. There is 



m 38 recites the limitation "said receiving step" in lines 13-14. There is 



m 38 recites the limitation "said management table" in lines 21-22. There is 



m 38 recites the limitation "said receiving step" in line 26. There is 



m 39 recites the limitation "the operating system" in lines 5-6. There is 



insufficient antecedent basis for this limitation in the claim. 



m 39 recites the limitation "said receiving means" in lines 13-14. There is 



insufficient antecedent basis for this limitation in the claim. 



m 40 recites the limitation "said receiving step" in lines 13-14. There is 



insufficient antecedent basis for this limitation in the claim. 



m 40 recites the limitation "said management table" in lines 21-22. There is 



insufficient antecedent basis for this limitation in the claim. 



m 40 recites the limitation "said receiving step" in line 26. There is 



insufficient antecedent basis for this limitation in the claim. 



m 41 recites the limitation "the operating system" in line 6. There is 



insufficient antecedent basis for this limitation in the claim. 
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Claim 41 recites the limitation "said receiving means" in line 15. There is 
insufficient antecedent basis for this limitation in the claim. 

Claim 42 recites the limitation "said receiving step" in lines 13-14. There is 
insufficient antecedent basis for this limitation in the claim. 

Claim 42 recites the limitation "said management table" in lines 21-22. Yhere is 
insufficient antecedent basis for this limitation in the claim. 

Claim 43 recites the limitation "the operating system" in line 6. There is 
insufficient antecedent basis for this limitation in the claim. 

Claim 43 recites the limitation "said receiving means" in line 15. There is 
insufficient antecedent basis for this limitation in the claim. 

Claim Rejections - 35 USC § 101 

35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of 
matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the 
conditions and requirements of this title. 

Claims 28, 30, 31, 35, 42, 43, and 60 are rejected under 35 U.S.C. 101 because 
the claimed invention is directed to non-statutory subject matter. Claims 28, 20, 31, 35, 
42, 43, and 60 are directed to a computer program. Computer programs claimed as 
computer listings per se, i.e., the descriptions or expressions of the programs, are not 
physical "things." They are neither computer components nor statutory processes, as 
they are not "acts" being performed. Such claimed computer programs do not define 
any structural and functional interrelationships between the computer program and 
other claimed elements of a computer which permit the computer program's 



■ 
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functionality to be realized. In contrast, a claimed computer-readable medium encoded 
with a computer program is a computer element which defines structural and functional 
interrelationships between the computer program and the rest of the computer which 
permit the computer program's functionality to be realized, and is thus statutory. See 
Lowry, 3£ F.3d at 1583-84, 32 USPQ2d at 1035. 

Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

Claims 1, 3, 6, 10, 12, 15, 19, 21, 24, 28, 31-43, and 57-60 are rejected under 35 
U.S.C. 103(a) as being unpatentable over Hunnicutt et al (US Patent #5,889,952) in 
view of Makinson et al (US Patent #6,971 ,023). 

Claims 1, 10, 19, and 28 disclose an information processing method, apparatus, 
storage medium, and program of controlling access to computer resources managed by 
an operating system in a computer comprising: a storing step of storing a management 
table in a storage medium, wherein said management table provides, for each computer 
resource managed by the operating system, access right information representing 
access rights for outputting each computer resource to another computer resource, and 
conditions under which the access right is validated; an interception step of intercepting 
an operation request for a computer resource from a process, before the operation 
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request is transferred to the operating system; a determination step of, when an 
operation request intercepted in said interception step represents outputting a first 
computer resource to a second computer resource, comparing access right information 
of the first computer resource with access right information of the second computer 
resource, determining whether a combination of the first and second computer 
resources satisfies a condition under which an access right is validated, and 
determining whether the process has an access right for outputting the first computer 
resource to the second computer resource; a processing step of, if it is determined in 
said determination step that the process has the access right for outputting the first 
computer resource to the second computer resource, transferring the operation request 
to the operating system and returning a result from the operating system to the process; 
and a denial step of denying the operation request, if it is determined in the 
determination step that the process does not have the access right for outputting the 
first computer resource to the second computer resource. Hunnicutt et al teaches of an 
access control list, which can be associated to a single file, or a list of files, which 
contains information on which users have access and what types of rights are allowed 
to the specific user (column 4, lines 44-49, column 5, lines 15-19, figure 3), a check 
system which compares the access rights of the first resource to a second resource, 
(column 5, lines 54-67), determining whether a valid match is made and if so the 
request is validated (column 5, lines 54-67), and since the request has access to the 
resource the resource is outputted (column 5, lines 54-67), if a matching access 
permission exists then access to the file is granted (column 5, lines 58-61), and if no 
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permission is granted an error message is generated to the user denying access (figure 
5). It fails to teach of intercepting an operation request for a computer resource from a 
process, before the operation request is transferred to the operating system. Makinson 
et al teaches of scanning access requests prior to servicing by an operating system, the 
scanning includes requests for outputting a first resource to a second resource (column 
4, lines 23-45). 

Hunnicutt et al and Makinson et al are analogous art because they are both 
related to controlling access to computer resources. 

At the time of the invention it would have been obvious to a person of ordinary 
skill in the art to use the scanning process in Makinson et al with the system in 
Hunnicutt et al because the scanning of requests can increase overall performance of 
the system (Makinson, column 1, lines 49-53). 

Claims 3 and 12 disclose the method and apparatus according to claim 1, 
wherein said access right information designates an access right that is extended but 
not defined in an existing environment. Hunnicutt et al further teaches of using access 
control lists for different, levels of control on the server (column 5, lines 8-25). 

Claim 21 discloses the storage medium according to claim 19, wherein said 
determination step, includes determining whether the access right is present by looking 
up an access right management table containing resource designation information that 
designates a specific computer resource, condition information under which the access 
right is validated, and access right information that designates an access right thatis 
extended but not defined in an existing environment. Hunnicutt et al further teaches of 
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an access control list, which can be associated to a single file, or a list of files. The list 
contains which users have access and what types of rights are allowed to the specific 
user (column 4, lines 44-49, column 5, lines 8-25, figure 3). 

Claims 6, 15, and 24 disclose the method, apparatus, and storage medium 
according to claims 3, 12, and 21, wherein the access right information contains 
information that designates at least one of a right to move to another medium, a right to 
copy to another medium, a right to print, a right to write to a shared memory, a right to 

* 

capture a screen, and a right to restrict use processes. Hunnicutt et al further teaches 
of an access control list, which each file objected has associated with it. The list 
contains access control entries, which defines what type of access the user has, one 
option is full control, which allows manipulation in any way possible (column 4, lines 63- 
67). 

Claim 31 discloses the program according to claim 28, wherein the computer 
resource includes contents of a Web cast, digital broadcasting, and music distribution. 
Hunnicutt et al further teaches of the resources being on a file level which means each 
file object stored on a server (column 4, lines 44-49, 56-57). 

Claims 32, 33, 34, and 35 disclose a system, control method, storage medium, 
and program for an information processing system constituted by connecting first and 
second terminals through a communication network, comprising: an interception step of 
intercepting, an operation request for a computer resource of the second terminal from 
a process in the first terminal, before the computer resource of the second terminal is 
accessed via an operating system of the first terminal, and a determination step of, 
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when an operation request received by said receiving means represents outputting a 
first computer resource to a second computer resource, comparing access right 
information of the first computer resource with access right information of the second 
computer resource, determining whether a combination of the first and second 
computer resources satisfies a condition under which an access right is validated, and 
determining whether the process has an access right for outputting the first computer 
resource to the second computer resource; a processing step of, if it is determined in 
said determination step that the process has the access right for outputting the first 
computer resource to the second computer resource, transferring the operation request 
to the operating system in the first terminal and returning a result from the operating 
system to the process in the first terminal; and a denial step of denying the operation 
request if it is determined in said determination step that the process does not have the 
access right for outputting the first computer resource to the second computer resource. 
Hunnicutt et al teaches of an access control list, which can be associated to a single file, 
or a list of files, which contains information on which users have access and what types 
of rights are allowed to the specific user (column 4, lines 44-49, column 5, lines 15-19, 
figure 3), a check system which compares the access rights of the first resource to a 
second resource, (column 5, lines 54-67), determining whether a valid match is made 
and if so the request is validated (column 5, lines 54-67), and since the request has 
access to the resource the resource is outputted (column 5, lines 54-67), if a matching 
access permission exists then access to the file is granted (column 5, lines 58-61), and 
if no permission is granted an error message is generated to the user denying access 
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(figure 5). It fails to teach of intercepting an operation request for a computer resource 
from a process, before the operation request is transferred to the operating system. 
Makinson et al teaches of scanning access requests prior to servicing by an operating 
system, the scanning includes requests for outputting a first resource to a second 
resource (column 4, lines 23-45). 

Hunnicutt et al and Makinson et al are analogous art because they are both 
related to controlling access to computer resources. 

At the time of the invention it would have been obvious to a person of ordinary 
skill in the art to use the scanning process in Makinson et al with the system in 
Hunnicutt et al because the scanning of requests can increase overall performance of 
the system (Makinson, column 1, lines 49-53). 

Claims 36, 38, 40, and 42 disclose an apparatus, method, storage medium, and 
program connected to a terminal through a communication network, comprising: an 
interception step of intercepting, an operation request for a computer resource of the 
terminal from a process, before the computer resource of the terminal is accessed via 
an operating system of the information processing apparatus, and a transmitting step of 
transmitting the operation request intercepted in said interception step to the terminal; a 
reception step of receiving a reply to the operation request from the terminal, wherein 
the terminal, when an operation request received in said receiving step represents 
outputting a first computer resource of the terminal to a second computer resource, 
compares access right information of the first computer resource with access right 
information of the second computer resource, determines whether a combination of the 
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first and second computer resources satisfies a condition under which an access right is 
validated, and determines whether the process has an access right for outputting the 
first computer resource to the second computer resource, wherein said management 
table provides, for each computer resource managed by the operating system of the 
terminal, access right information representing access rights for outputting each 
computer resource to another computer resource, and conditions under which the 
access right is validated, wherein in said receiving step a determination result 
determined by the terminal is received as the reply. Hunnicutt et al teaches of the 
server communicating with other servers and clients using a standard communications 
protocol (column 3, lines 37-39, figure 1), an access control list, which can be 
associated to a single file, or a list of files, which contains information on which users 
have access and what types of rights are allowed to the specific user (column 4, lines 
44-49, column 5, lines 15-19, figure 3), a check system which compares the access 
rights of the first resource to a second resource, (column 5, lines 54-67), determining 
whether a valid match is made and if so the request is validated (column 5, lines 54-67), 
and since the request has access to the resource the resource is outputted (column 5, 
lines 54-67), if a matching access permission exists then access to the file is granted 
(column 5, lines 58-61), and if no permission is granted an error message is generated 
to the user denying access (figure 5). It fails to teach of intercepting an operation 
request for a computer resource from a process, before the operation request is 
transferred to the operating system. Makinson et al teaches of scanning access 
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requests prior to servicing by an operating system, the scanning includes requests for 
outputting a first resource to a second resource (column 4, lines 23-45). 

Hunnicutt et al and Makinson et al are analogous art because they are both 
related to controlling access to computer resources. 

At the time of the invention it would have been obvious to a person of ordinary 
skill in the art to use the scanning process in Makinson et al with the system in 
Hunnicutt et al because the scanning of requests can increase overall performance of 
the system (Makinson, column 1, lines 49-53). 

Claims 37, 39, 41, and 43 disclose an apparatus, method, storage medium, and 
program connected to a terminal through a communication network, comprising: a 
storing step of storing a management table in a storage medium, wherein said 
management table provides, for each computer resource managed by the operating 
system of the information processing apparatus, access right information representing 
access rights for outputting each computer resource to another computer resource, and 
conditions under which the access right is validated; a receiving step of receiving an 
operation request for a computer resource of the information processing apparatus from 
a process of the terminal, intercepted by the terminal, before the computer resource of 
the information processing apparatus is accessed via an operating system of the 
information processing apparatus; a determination step of, when an operation request 
received by said receiving means represents outputting a first computer resource to a 
second computer resource, comparing access right information of the first computer 
resource with access right information of the second computer resource, determining 



Application/Control Number: 09/988,106 Page 13 

Art Unit: 2141 

whether a combination of the first and second computer resources satisfies a condition 
under which an access right is validated, and determining whether the process has an 
access right for outputting the first computer resource to the second computer resource; 
a processing step of, if it is determined in said determination step that the process has 
the access right for outputting the first computer resource to the second computer 
resource, transferring the operation request to the operating system in the terminal and 
returning a result to a process in the terminal; and a denial step of denying the operation 
request if it is determined in said determination step that the process does not had the 
access right for outputting the first computer resource to the second computer resource. 
Hunnicutt et al teaches of a server communicating with other servers and clients using a 
standard communications protocol (column 3, lines 37-39, figure 1), an access control 
list, which can be associated to a single file, or a list of files, which contains information 
on which users have access and what types of rights are allowed to the specific user 
(column 4, lines 44-49, column 5, lines 15-19, figure 3), a check system on the se ( rver 
which determines if there is an access permission that allows the requesting user 
access (column 5, lines 54-58, figure 1), a check system which compares the access 
rights of the first resource to a second resource, (column 5, lines 54-67), determining 
whether a valid match is made and if so the request is validated (column 5, lines 54-67), 
and since the request has access to the resource the resource is outputted (column 5, 
lines 54-67), if a matching access permission exists then access to the file is granted 
(column 5, lines 58-61, figure 1), and if no permission is granted an error message is 
generated to the user denying access (figure 5). It fails to teach of intercepting an 
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operation request for a computer resource from a process, before the operation request 
is transferred to the operating system. Makinson et al teaches of scanning access 
requests prior to servicing by an operating system, the scanning includes requests for 
outputting a first resource to a second resource (column 4, lines 23-45). 

Hunnicutt et al and Makinson et al are analogous art because they are both 
related to controlling access to computer resources. 

At the time of the invention it would have been obvious to a person of ordinary 
skill in the art to use the scanning process in Makinson et al with the system in 
Hunnicutt et al because the scanning of requests can increase overall performance of 
the system (Makinson, column 1, lines 49-53). 

Claims 57, 58, 59, and 60 disclose the method, apparatus, medium, and program 
according to claims 1, 10, 19, and 28 wherein said interception step further comprises 
intercepting an operation request from the operating system before access to a 
computer resource. Makinson et al further teaches of intercepting a request from the 
operating system before access to a computer resource (column 4, lines 23-45). 

Claims 7-9, 16-18, and 25-27 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Hunnicutt et al (US Patent #5,889,952) in view of Makinson et al (US 
Patent #6,971 ,023) as applied to claims 1,10, and 19 above, and further in view of 
Miller et al (US Patent #5,550,968). 

Claims 7, 16, and 25 disclose the method, apparatus, and storage medium 
according to claims 1,10, and 19, wherein in said denial step, an access denial error 
message is returned to the process without any access to the requested computer 
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resource. Hunnicutt et al in view of Makinson et al teaches of the limitations of claims 1 , 
10, and 19, as recited above. It fails to teach of returning a denial error message. Miller 
et al teaches of informing the user of an incorrect password (column 9, lines 32-38, 
figure 5B). 

Hunnicutt et al in view of Makinson et al and Miller et al are analogous art 
because they are both related to providing access control to resources. 

At the time of the invention it would have been obvious to a person of ordinary 
skill in the art to use the incorrect password technique in Miller et al with the system in 
Hunnicutt et al in view of Makinson et al because security is provided for individual 
controls within a window of an interface (Miller et al, column 2, lines 8-10). 

Claims 8, 17, and 26 disclose the method, apparatus, and storage medium 

according to claims 1,10, and 19, wherein in the denial step, a successful access 

message is returned to the request source process without any access to the requested 

computer resource. Hunnicutt et al in view of Makinson et al teaches of the limitations 

of claims 1,10, and 19 as recited above. It fails to teach of returning a success 

message without access to the request resource. Miller et al teaches of returning a 

* 

window, as a user would see if access was successful, but with the controls obscured 
when access is denied (column 9, lines 41-44). 

Hunnicutt et al in view of Makinson et al and Miller et al are analogous art 
because they are both related to providing access control to resources. 

At the time of the invention it would have been obvious to a person of ordinary 
skill in the art to use the incorrect password technique in Miller et al with the system in 
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Hunnicutt et al in view of Makinson et al because security is provided for individual 
controls within a window of an interface (Miller et al, column 2, lines 8-10). 

Claims 9, 18, and 27 disclose the method according to claims 1,10, and 19; 
wherein in said denial step, the operation request is converted into an operation request 
for a dummy computer resource and transferred to the operating system, and a result 
from the operating system is returned to the process. Hunnicutt et al in view of 
Makinson et al teaches of the limitations of claims 1,10, and 19, as recited above. It 
fails to teach of converting the actual request into a request for a dummy resource and 
returning a result from the operating system. Miller et al teaches of a system which 
returns to a step if the password entry subroutine is ended and displays the window as 
a user would see if the access was granted but with some fields obscured to the user 
(column 9, lines 41-44). 

Hunnicutt et al in view of Makinson et al and Miller et al are analogous art 
because they are both related to providing access control to resources. 

At the time of the invention it would have been obvious to a person of ordinary 
skill in the art to use the incorrect password technique in Miller et al with the system in 
Hunnicutt et al in view of Makinson et al because security is provided for individual 
controls within a window of an interface (Miller et al, column 2, lines 8-10). 

Claim 30 is rejected under 35 U.S.C. 103(a) as being unpatentable over 
Hunnicutt et al (US Patent #5,889,952) in view of Makinson et al (US Patent 
#6,971 ,023) as applied to claim 28 above, and further in view of New, JR. et al (US 
PGPUB #US2003/0028653). 
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Claim 30 discloses the program according to claim 28, wherein if it is determined 
in the determination step that no access right is present, and access is denied in the 
denial step, an access right is permitted by inputting charging information. Hunnicutt et 
al in view of Makinson et al teaches of the limitations of claim 28 as recited above. It 
fails to teach of granting access rights by charging the requester. New JR. et al teaches 
of billing the user if the requester has insufficient credit (figure 4). 

Hunnicutt et al in view of Makinson et al and New JR. et al are analogous art 
because they are both related to providing access to computer resources. 

At the time of the invention it would have been obvious to a person of ordinary 
skill in the art to use the traps in New JR. et al with the system in Hunnicutt et al in view 
of Makinson et al because the system provides added security by preventing 
unauthorized copies of programs (New JR. et al, paragraph 33, lines 8-13). 

Response to Arguments 

Applicant's arguments with respect to claims 1, 10, 19, 28, and 31-43 have been 
considered but are moot in view of the new ground(s) of rejection. 

Conclusion 

The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. Pereira (US Patent #5,809,230) teaches of controlling access to 
personal computer system resources. Tarbotton et al (US PGPUB US2002/01 33710) 
teaches of mechanisms for banning computer programs from use by scanning files and 
requests. 
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